mirror of
https://github.com/go-vikunja/vikunja.git
synced 2026-03-12 10:04:48 -05:00
00c4148f05
Problem: When using Casdoor as an OpenID provider, there's an inconsistency between the user information in the JWT token and the UserInfo endpoint. The token contains the user's unique ID in the `name` field, while the UserInfo endpoint correctly returns the user's display name. Solution: This PR adds a new `ForceUserInfo` option to the OpenID provider configuration. When enabled, it forces the use of the UserInfo endpoint to retrieve user information instead of relying on claims from the ID token. Impact: - Default behavior remains unchanged (backward compatible) - New option allows administrators to force using UserInfo endpoint data - Particularly useful for providers like Casdoor that don't fully comply with OIDC standards Related: I've opened an issue in the Casdoor repository (https://github.com/casdoor/casdoor/issues/3806) to discuss the root cause. However, changing Casdoor's token structure might cause significant compatibility issues for existing integrations, so it's unclear if this can be fixed at the provider level. This PR provides a workaround in Vikunja that doesn't affect existing functionality.